Overview

A vulnerability in the way Java 7 restricts the permissions of Java applets could allow an attacker to execute arbitrary commands on a vulnerable system.

Description

A vulnerability in the Java Security Manager allows a Java applet to grant itself permission to execute arbitrary code. An attacker could use social engineering techniques to entice a user to visit a link to a website hosting a malicious applet.

Any web browser using the Java 7 plug-in is affected. The Java Deployment Toolkit plug-in and Java Web Start can also be used as attack vectors.

Reports indicate this vulnerability is being actively exploited, and exploit code is publicly available.

Further technical details are available in Vulnerability Note VU#636312.

Impact

By convincing a user to load a malicious Java applet or Java Network Launching Protocol (JNLP) file, an attacker could execute arbitrary code on a vulnerable system with the privileges of the Java plug-in process.

Solution

To protect against this and future vulnerabilities, consider disabling the Java plug-in, Java Deployment Toolkit, and Java Web Start functionality. There are multiple ways to invoke Java in different web browsers and operating systems, and it can be difficult to completely disable browser support for Java. Check the Solution section of VU#636312 for up-to-date information.
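Because Java can be reached through several paths, it helps to verify the mitigation rather than assume it. The following inventory script is an added example, not part of this advisory; it assumes a Linux desktop where the Java 7 browser plug-in is installed as libnpjp2.so (older releases as libjavaplugin_oji.so) and JNLP files are associated through the MIME type application/x-java-jnlp-file.

```shell
#!/bin/sh
# Added example, not part of the advisory: inventory the Java browser
# plug-in files and the JNLP handler on a Linux desktop so that a
# "disable Java" mitigation can be verified. Assumptions: the Java 7
# plug-in ships as libnpjp2.so (older releases as libjavaplugin_oji.so),
# and JNLP files are associated via the MIME type
# application/x-java-jnlp-file.

# find_java_plugins DIR... : print every Java plug-in file (or dangling
# symlink) found in the given plug-in directories; exit status 0 when at
# least one was found, 1 otherwise.
find_java_plugins() {
    found=1
    for dir in "$@"; do
        [ -d "$dir" ] || continue
        for f in "$dir"/libnpjp2.so "$dir"/libjavaplugin_oji.so; do
            # -L also catches symlinks whose target was removed but which
            # a browser may still try to load
            if [ -e "$f" ] || [ -L "$f" ]; then
                printf '%s\n' "$f"
                found=0
            fi
        done
    done
    return $found
}

# jnlp_handler: print the desktop application registered for JNLP files,
# or "none" when no handler is registered (or xdg-mime is unavailable).
jnlp_handler() {
    handler=""
    if command -v xdg-mime >/dev/null 2>&1; then
        handler=$(xdg-mime query default application/x-java-jnlp-file 2>/dev/null)
    fi
    if [ -n "$handler" ]; then
        printf '%s\n' "$handler"
    else
        printf 'none\n'
    fi
}

# Typical invocation: system-wide and per-user Mozilla plug-in directories.
if [ "${1:-}" = "--scan" ]; then
    find_java_plugins /usr/lib/mozilla/plugins /usr/lib64/mozilla/plugins \
        "$HOME/.mozilla/plugins" || echo "no Java plug-in files found"
    echo "JNLP handler: $(jnlp_handler)"
fi
```

Run it with `--scan` after applying the browser-specific steps; a clean result lists no plug-in files and reports `none` for the JNLP handler.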

Here are instructions for several common web browsers. Take care to disable both the Java and Java Deployment Toolkit plug-ins and, if necessary, disable Java Web Start by breaking JNLP handling.